Re: [Firebird-devel] Crypto Performance

2015-09-21 Thread Boris Damjanovic
Agree.

On 9/21/2015 12:04 PM, Michal Kubecek wrote:
> On Tue, Sep 15, 2015 at 11:22:22AM -0400, Jim Starkey wrote:
>>   1. As Sean pointed out, the AES instructions are common on Intel
>>   processors.  Not so for AMD, however, which only supports AES in
>>   their high end server chips.
> Definitely not true. Both my recent AMD CPU's (FX-8150 and FX-4350)
> support AES-NI. Neither of them is a "high end server chip". From what
> I found around the web, even recent APU's have the support.
>
>  Michal Kubeček
>
>
> --
> Firebird-Devel mailing list, web interface at 
> https://lists.sourceforge.net/lists/listinfo/firebird-devel
>
>




Re: [Firebird-devel] error message while executing make_icu.bat

2015-09-19 Thread Boris Damjanovic

Vlad, Mark,

You were both right.

Vlad, messages were produced by make_boot.bat.
Mark, after I installed Gnu Sed, I compiled FB3 without a hitch.

Thank You,
Boris

On 9/19/2015 9:47 PM, Mark Rotteveel wrote:
You need to have GNU sed on the path. Originally sed is a Unix tool, 
but there is a Windows version. Google for GNUwin or GNUwin32.


Mark


- Reply message -
From: "Boris Damjanovic" 
To: "For discussion among Firebird Developers" 
Subject: [Firebird-devel] error message while executing make_icu.bat
Date: Sat, Sep 19, 2015 20:29


[Firebird-devel] error message while executing make_icu.bat

2015-09-19 Thread Boris Damjanovic

Hi!

I'm trying to build Firebird-3.0.0.31896-Beta2 on Windows 8.1 using MSVC 
2013. I get several error messages while executing make_icu.bat:


...
...
...
Executed set_build_target.bat

Generating parse.cpp and dsql.tab.h
'sed' is not recognized as an internal or external command,
operable program or batch file.
'sed' is not recognized as an internal or external command,
operable program or batch file.
y.y:0: unexpected end-of-file

Building gpre_boot (x64\release)...

...
...
..
Processing msgs/build_file.epp
Calling GPRE for msgs/build_file.epp
(E) D:\Firebird3b2\src\msgs\build_file.epp:98: expected relation name, encountered "LOCALES"
(E) D:\Firebird3b2\src\msgs\build_file.epp:206: expected relation name, encountered "LOCALES"
(E) D:\Firebird3b2\src\msgs\build_file.epp:208: unmatched END_FOR
(E) D:\Firebird3b2\src\msgs\build_file.epp:229: expected relation name, encountered "LOCALES"
(E) D:\Firebird3b2\src\msgs\build_file.epp:248: unmatched END_FOR
(E) D:\Firebird3b2\src\msgs\build_file.epp:254: expected relation name, encountered "LOCALES"
(E) D:\Firebird3b2\src\msgs\build_file.epp:256: unmatched END_FOR
(E) D:\Firebird3b2\src\msgs\build_file.epp:367: expected relation name, encountered "MESSAGES"
(E) D:\Firebird3b2\src\msgs\build_file.epp:379: expected relation name, encountered "TRANSMSGS"
(E) D:\Firebird3b2\src\msgs\build_file.epp:386: unmatched END_FOR
(E) D:\Firebird3b2\src\msgs\build_file.epp:415: unmatched END_FOR
 11 errors, no warnings
The system cannot find the file specified.

Processing qli/help.epp
Calling GPRE for qli/help.epp
(E) D:\Firebird3b2\src\qli\help.epp:141: expected relation name, encountered "TOPICS"
(E) D:\Firebird3b2\src\qli\help.epp:168: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\help.epp:261: expected relation name, encountered "TOPICS"
(E) D:\Firebird3b2\src\qli\help.epp:266: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\help.epp:273: expected relation name, encountered "TOPICS"
(E) D:\Firebird3b2\src\qli\help.epp:303: expected relation name, encountered "X"
(E) D:\Firebird3b2\src\qli\help.epp:308: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\help.epp:314: unmatched END_FOR
  8 errors, no warnings
The system cannot find the file specified.

Processing qli/meta.epp
Calling GPRE for qli/meta.epp
1 file(s) moved.

Processing qli/proc.epp
Calling GPRE for qli/proc.epp
(E) D:\Firebird3b2\src\qli\proc.epp:173: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:232: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:277: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:279: expected context variable, encountered "X"
(E) D:\Firebird3b2\src\qli\proc.epp:281: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\proc.epp:310: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:312: X is not a valid context variable
(E) D:\Firebird3b2\src\qli\proc.epp:321: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\proc.epp:327: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:361: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:366: unmatched END_FOR
(E) D:\Firebird3b2\src\qli\proc.epp:491: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:493: X is not a valid context variable
(E) D:\Firebird3b2\src\qli\proc.epp:497: ON_ERROR used out of context
(E) D:\Firebird3b2\src\qli\proc.epp:500: END_ERROR used out of context
(E) D:\Firebird3b2\src\qli\proc.epp:550: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\proc.epp:561: unmatched END_FOR
 17 errors, no warnings
The system cannot find the file specified.

Processing qli/show.epp
Calling GPRE for qli/show.epp
(E) D:\Firebird3b2\src\qli\show.epp:1974: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\show.epp:2072: expected relation name, encountered "QLI$PROCEDURES"
(E) D:\Firebird3b2\src\qli\show.epp:2075: unmatched END_FOR
  3 errors, no warnings
The system cannot find the file specified.
...
...
...
6>  scl.cpp
6>  dba.cpp
6>  parse.cpp
6>c1xx : fatal error C1083: Cannot open source file: '..\..\..\src\dsql\parse.cpp': No such file or directory
== Build: 5 succeeded, 1 failed, 3 up-to-date, 0 skipped ==

...
...
...
...Error building isql, see isql_x64.log

At the end of execution, the file Parse.cpp is not created.
What is 'sed' under Windows 8.1 / Visual studio? Am I missing something? 
Do I need CygWin along with Visu

Re: [Firebird-devel] Crypto Performance

2015-09-18 Thread Boris Damjanovic
I would like to bring your attention to the AES-XTS mode
  - http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf
and to the CTR mode
  - http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
  - https://tools.ietf.org/html/rfc4106
  - http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/ctr/ctr-spec.pdf
They both are good candidates for parallelization.

On 9/15/2015 7:42 PM, Jim Starkey wrote:
> On 9/15/2015 12:57 PM, Leyne, Sean wrote:
>>> None of these suggest that there is an attack -- read the comments.
>> They refer to a possible attack and provide links to other sites.  One of
>> the sites has a link to the following:
>>
>> http://www.iacr.org/archive/eurocrypt2002/23320530/cbc02_e02d.pdf
>>
>> which (at least to my scanned reading) suggests that there is a vulnerability
>> to CBC mode ciphers...
>>
>>
> No, it's actually about the pitfalls of padding when using CBC. Cipher
> text stealing (CTS) is an alternative to padding.  The argument against
> CTS is that in some applications it may make message traffic analysis
> possible because it exposes the length of the encrypted message.  That
> and $2.00 will get you a cup of coffee at Starbucks.
>
> We all know about an infinite number of monkeys recreating Shakespeare.
> A real life analog is the number of junior academics trying to get
> published with pinpricks in solid technology.  Much of it boils down to
> the quite uninteresting fact that if you corrupt the ciphertext, you
> corrupt the decrypted text as well.  Well, duh.
>
> The article you referenced assumes an oracle to which you can submit
> artificial "ciphertext" and it will tell you whether it conforms to a
> known format after decryption.  Enough probes on a packet with known
> padding and you might learn something.  Well, duh.
>
> But none of this is about streams on a virtual circuit, e.g. TCP, with
> running stream or CBC ciphers.  If you have an environment like UDP
> where somebody could slip you a bogus packet, then you need signed
> messages, but that's not the issue here.
>
>
>


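Why CTR mode parallelizes, as an added example that is not part of the original post and not Firebird code: each counter block depends only on the key, the nonce and its index, so blocks can be processed in any order or read at random offsets. Assumptions: HMAC-SHA256 truncated to 16 bytes stands in for the AES block encryption, all function names are hypothetical, and the thread pool illustrates order independence rather than speed.

```python
import hashlib
import hmac
from concurrent.futures import ThreadPoolExecutor

BLOCK = 16  # bytes per counter block, as with AES

def keystream_block(key, nonce, index):
    # Stand-in for AES_K(nonce || counter): HMAC-SHA256 truncated to 16 bytes.
    # Assumption for this sketch only; this is not AES.
    counter_block = nonce + index.to_bytes(8, "big")
    return hmac.new(key, counter_block, hashlib.sha256).digest()[:BLOCK]

def ctr_block(key, nonce, index, chunk):
    # Block `index` needs only (key, nonce, index): no dependency on neighbours.
    ks = keystream_block(key, nonce, index)
    return bytes(c ^ k for c, k in zip(chunk, ks))

def ctr_serial(key, nonce, data):
    return b"".join(ctr_block(key, nonce, i // BLOCK, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))

def ctr_parallel(key, nonce, data, workers=4):
    # Hand blocks to a pool in reverse order to show that ordering is irrelevant.
    jobs = [(i // BLOCK, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK)]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        done = dict(pool.map(lambda j: (j[0], ctr_block(key, nonce, *j)), reversed(jobs)))
    return b"".join(done[i] for i in sorted(done))

def ctr_read_range(key, nonce, ciphertext, offset, length):
    # Random access: decrypt only the blocks that cover [offset, offset + length).
    first, last = offset // BLOCK, (offset + length - 1) // BLOCK
    plain = b"".join(ctr_block(key, nonce, i, ciphertext[i * BLOCK:(i + 1) * BLOCK])
                     for i in range(first, last + 1))
    start = offset - first * BLOCK
    return plain[start:start + length]

def keystream_reuse_xor(c1, c2):
    # Same key and nonce for two messages: the keystream cancels out of c1 ^ c2.
    return bytes(a ^ b for a, b in zip(c1, c2))
```

The last helper shows the price of that independence: two ciphertexts produced under the same key and nonce XOR to the XOR of their plaintexts, so a nonce must never repeat for a given key.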


Re: [Firebird-devel] Crypto Algoritm Performance

2015-09-04 Thread Boris Damjanovic
I have implemented ChaCha20 and compared it with various AES 
implementations on my other (still cheap) notebook. All my 
implementations are made for Windows and MS Visual Studio, but I think 
that Intel's AES-NI code (see below) and the original ChaCha code was 
made for GNU C compiler.

First implementation with AES-NI instruction set is based on BOTAN library:
http://botan.randombit.net/

For second implementation, INTEL based code, with AES-NI instruction 
set, I have used code from Intel White Paper (Shay Gueron) along with 
code from Dr. Brian Gladman:
https://software.intel.com/sites/default/files/article/165683/aes-wp-2012-09-22-v01.pdf
https://github.com/BrianGladman/AES/

Third (AES) and fourth (ChaCha) implementations are based on Bouncy 
Castle java library.

The following results show AES and ChaCha encryption of 256 MB file with 
32kB buffer and ECB mode of operation (for AES), without parallelization.
The results are presented in two columns. First column shows whole 
program execution, from program start to end. Second column shows only 
time needed for encryption and key setup (without IO operations).

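Here are numbers:
----------------------------------------------------------------------
AES, BOTAN based code, with AES-NI instruction set
all    enc
594    63
562    61
469    63
547    78
468    32
562    47
500    48
562    46
469    48
578    46

531.1  53.2

----------------------------------------------------------------------
AES, INTEL based code, with AES-NI instruction set
all    enc
516    94
531    47
625    63
578    79
515    61
532    95
515    93
574    76
531    94
531    64

544.8  76.6

----------------------------------------------------------------------
AES, code based on Bouncy Castle (Java), without AES-NI instruction set
all     enc
2031    1657
2047    1625
2015    1676
2047    1578
2078    1736
2078    1543
2015    1625
2219    1672
2063    1517
2125    1577

2071.8  1620.6

----------------------------------------------------------------------
ChaCha20, code based on Bouncy Castle (Java)
1625    1251
1672    1143
2016    1253
1672    1313
1750    1138
1672    1298
1625    1200
1797    1298
1641    1251
1657    1203

1712.7  1234.8
----------------------------------------------------------------------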

As you can see, ChaCha implementation has far worse performance than 
implementation accelerated with AES-NI instruction set. However, it is 
somewhat faster than AES implementation without AES-NI instruction set.

I don't know whether the source code of these apps would satisfy your 
(Firebird) coding standards. If anyone wants to check it out, I could 
publish it on GitHub, or elsewhere. Just let me know how and where.

Boris Damjanovic




On 8/31/2015 3:03 PM, Jim Starkey wrote:
> For the non-aficionados, ECB is the electronic code book mode where each
> 16 byte block is independently encrypted/decrypted.  As such, it can reveal a
> great deal about an encrypted document or stream as a repeating block will
> always have the same encrypted form.
>
> The Ciphertext Block Chaining (CBC) works around this problem by XORing the
> previous block's ciphertext with the next block's plaintext before
> encryption.  This makes it measurably, but not significantly, slower than
> ECB.
>
> Another interesting variation on CBC is Ciphertext Stealing mode (CTS) used to
> handle plaintexts of lengths that are not multiples of 16 bytes without
> padding.  Ciphertext stealing works by padding the unused tail of the last --
> and incomplete -- block with the trailing bytes of the previous block's
> ciphertext before encryption, transmitting this last block before the next to
> last block, then transmitting the next to last encrypted block truncated to
> the original length of the last block.  It's a really cute hack, but it
> obviously doesn't work on plaintexts less than 16 bytes.
>
> The differences between AES in software and AES-NI (new instructions) will 
> vary wildly depending whether AES-NI is implemented in just microcode or 
> actual hardware.  But none of these affect the security of AES.
>
> AES-256 isn't significantly more secure than AES-128 for normal computers, 
> though NSA believes it will be more resilient against attack by quantum 
> computers, if they ever show up.  Personally, this is not something I'm 
> losing sleep over.
>
> Jim Starkey
>
>
>> On Aug 31, 2015, at 2:01 AM, dbo...@poen.net wrote:
>>
>> Hi James,
>>
>> more numbers here.
>>
>> Soft. AES implementation vs AES-NI implementation, 512 MB, ECB mode of
>> operation, single core, buffer size 32kB, Windows:
>> AES 128:3873 ms (average calculated on 10 measurements)
>> AES-NI
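The three modes described in the quoted explanation (ECB, CBC and CBC with ciphertext stealing), as an added example that is not part of the original thread and not Firebird code. Assumptions: a toy 4-round Feistel permutation built on SHA-256 stands in for AES and is not secure, and all function names are hypothetical. The final block is zero-padded, and the CBC XOR then fills its tail with the previous block's ciphertext bytes, which matches the description above.

```python
import hashlib
BLOCK = 16  # bytes, the AES block size

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

# Toy 4-round Feistel permutation standing in for AES (assumption; not secure).
def enc_block(key, blk):
    l, r = blk[:8], blk[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:8], blk[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(enc_block(key, b) for b in _blocks(pt))

def cbc_encrypt(key, iv, pt):
    out = [iv]
    for b in _blocks(pt):
        out.append(enc_block(key, _xor(b, out[-1])))
    return b"".join(out[1:])

def repeated_blocks(ct):
    return len(_blocks(ct)) - len(set(_blocks(ct)))

def cts_encrypt(key, iv, pt):
    if len(pt) <= BLOCK:
        raise ValueError("ciphertext stealing needs a previous block to steal from")
    d = len(pt) % BLOCK or BLOCK                # bytes in the final block
    c = _blocks(cbc_encrypt(key, iv, pt + bytes(BLOCK - d)))
    # Last block goes out first, then the next-to-last truncated to d bytes.
    return b"".join(c[:-2]) + c[-1] + c[-2][:d]

def cts_decrypt(key, iv, ct):
    if len(ct) <= BLOCK:
        raise ValueError("ciphertext stealing needs a previous block to steal from")
    d = len(ct) % BLOCK or BLOCK
    head, c_last, c_trunc = _blocks(ct[:-BLOCK - d]), ct[-BLOCK - d:-d], ct[-d:]
    x = dec_block(key, c_last)                  # (P_n ^ C_{n-1}[:d]) || C_{n-1}[d:]
    c_prev = c_trunc + x[d:]                    # rebuild the truncated block
    plain = [_xor(dec_block(key, c), p) for c, p in zip(head + [c_prev], [iv] + head)]
    return b"".join(plain) + _xor(x[:d], c_trunc)
```

`repeated_blocks` counts ciphertext blocks that duplicate an earlier one: on a plaintext of identical 16-byte records it is nonzero under ECB and zero under CBC, and the CTS output is always exactly as long as the plaintext.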